Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
OSSL_STORE and PKCS#12: Check if there is a MAC to verify before prom…
…pting When a DER object with unknown contents comes all the way to ossl_store_handle_load_result(), and it attempts to decode them as different objects, the PKCS#12 decoding attempt would (almost) always prompt for a passphrase, even if there isn't a MAC to verify it against in the PKCS#12 object. This change checks if there is a MAC to verify against before attempting to prompt for a passphrase, leading to less surprising behavior. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from #21197) (cherry picked from commit 7a52061)
- Loading branch information